Associate Director, Cyber Security

We’re living at the dawn of a borderless world, but most people still don't have the tools needed to engage in critical high-trust services including everything from access to financial services, to sharing assets in peer-to-peer marketplaces, and even managing talent. At MetaMap, our work is centered on addressing this gap by building an identity data protocol that surfaces merits in the form of legal, financial, and work data. We’re energized by the unlimited potential that comes from this collective coordination, the removal of barriers to access, and the future we’re building towards — one that is interconnected and equitable. If you believe in our mission to help unlock borderless growth too, come join the MetaMap team!

About the role

MetaMap is rapidly expanding across the globe, and is looking to hire an experienced (Associate) Director, Cyber Security to lead our security and privacy teams.  We handle extremely sensitive data on behalf of heavily regulated banks, FinTechs, lending institutions, crypto exchanges, retailers, and other types of companies in dozens of countries across emerging markets (especially in LATAM and Africa).  This role will manage our team of talented security engineers and compliance analysts to ensure that we process this data responsibly and securely, and that we maintain the trust of our customers. 

In this role, you will manage MetaMap’s security team.  This will include managing a group of excellent application security engineers that keep the MetaMap platform secure, and working with this team to support our fast-moving Engineering team.  Additionally, you will manage a Compliance Analyst who is in charge of our internal policies and governance efforts, and manages our relationships with our auditors and our security certifications (we currently have SOC 2 Type 2 and ISO 27001 certifications).  You will also work closely with our Revenue team to make sure that we can address questions and concerns about the security of our platform from existing customers or sales prospects.  

Additionally, you will work closely with our Legal team to build out a world class privacy program (the Security team is part of the Legal Department, and this role reports directly to the General Counsel).  This will include extensive data mapping, and working closely with our Engineering, Product, Data, and IT teams to ensure that we protect data subjects when we process their data.

We are a fast-moving startup, and we need agile “athletes” who are comfortable with change and can adjust and grow with our specific needs. If you need structure and process, this is not the role for you. If you are excited about the idea of building out a security function that can support a company looking to grow throughout complex emerging markets, come join us and help build the infrastructure that will allow MetaMap to unlock borderless commerce across the globe!

Key responsibilities

• Oversee our overall security team, with a special focus on application security
• Build strong relationships with our Engineering team and help develop reliable and low-touch SDLC processes.
• Build out strong security and privacy governance processes that are workable in a startup environment, but that will meet the expectations of our large enterprise customers (that expect a certain level of program maturity).
• Support our Revenue team, making sure that we can make our customers comfortable with our security practices, or adjust our program as needed to meet customer expectations.
• Oversee Security Incident Response, working with other teams to build out a reliable incident response framework.
• Maintain existing security certifications, and get new certifications as needed.

Skills & Experience

Requirements:

• 10+ years of experience doing security work, ideally for a company that handles very sensitive information and that operates internationally.  
• Technical or application security experience is extremely important, given how sensitive the data we process can be. But this is a broader role and experience with security governance, compliance, audits, and incident response is all helpful too.
• Experience supporting sales or revenue teams to answer customer questions, train sales teams, prepare security materials and white-papers, etc. – especially if that experience involves enterprise customers.
• Experience building out pragmatic governance practices that are reasonable given our stage and size.
• Experience obtaining security certifications and managing external and internal auditors.
• Significant management experience and a track record of helping to grow team members (especially if done remotely).  
• The​ ​ability​ ​to​ ​build​ ​and​ ​maintain​ ​strong​ ​relationships​ ​with​ ​a​ ​variety​ ​of​ ​people and teams, both internal and external.​ ​​​You​ ​will​ ​need​ ​to​ ​be​ ​able​ ​to​ ​gain​ ​the​ ​trust​ ​of​ ​a​ ​wide​ ​range​ ​of​ ​folks​ ​at MetaMap,​ ​to​ ​speak​ ​to​ ​each​ ​team​ ​“in​ ​their​ ​language,”​ ​and​ ​to​ make them ​feel​ ​comfortable​ ​enough​ ​to​ ​reach​ ​out​ ​when things​ ​go​ ​wrong. You will also need to build trusted relationships with key external stakeholders. You will need to do all of this in a purely remote environment with team members distributed all over the world.
• A​ ​desire​ ​to​ ​work​ ​on​ ​an​ ​agile & lean​ ​team.​ ​​​We are pulled in a million different directions at all times, and the ability to triage, prioritize, and encourage the same in your team is critical.

Bonus experience:

• Experience working for a company that sells to banks, FinTechs, or other heavily regulated organizations
• Experience working in emerging markets
• Spanish proficiency is a huge plus (Portuguese could also be helpful)

MetaMap is building tools that power a borderless world where everyone has equal access to opportunity based on their merits. As a proud equal opportunity employer, we live by these same values, celebrate diversity, and are committed to creating an inclusive environment for all of our employees. We are also committed to a fair and inclusive interview experience, including providing reasonable accommodations to disabled applicants throughout the recruitment process. We encourage applicants to share any needed accommodations with their recruiter, who will treat these requests as confidentially as possible. 

We evaluate all employees and job applicants consistently, without regard to race, color, religion, sex (including pregnancy, gender identity, and sexual orientation), parental status, national origin, age, disability, genetic information (including family medical history), political affiliation, military service, or any other legally protected class. All employment decisions including the decision to hire, promote, discipline, or discharge, will be based on merit, competence, performance, and business needs. Additionally, we consider qualified applicants with criminal histories for employment on our team, and always assess candidates on an individualized basis.